Method and apparatus for source-based message authorization and rejection

ABSTRACT

Unwanted electronic messages can be avoided by screening them before they enter a receiving client. Only messages from authorized sending parties are passed to the receiving client while messages from sending parties not previously authorized are discarded or returned. The same arrangement can be used with cellular and conventional telephones, facsimile machines, and other devices.

BACKGROUND OF THE INVENTION

[0001] Currently-available e-mail systems used with the Internet acceptany message directed to the recipient's address. An exception to receiptof such messages is a blocking device that will selectively block aspecific address or series of addresses, perhaps identified by aparticular domain name. To utilize this type of blocking, one mustidentify the unwanted sender and enter its identify in a database.However, this still permits the receipt of other, heretoforeunidentified, but unauthorized messages. A scheme that would prevent thereceipt of such messages without having to first identify them would behighly desirable.

BRIEF DESCRIPTION OF THE DRAWINGS

[0002]FIG. 1 is a block diagram of a system providing authorization ofmessages;

[0003]FIG. 2 is a flow chart for the system of FIG. 1;

[0004]FIG. 3 is a block diagram of a system that alternately providesauthorization and blocking of messages;

[0005]FIG. 4 is a flow chart for the system of FIG. 3; and

[0006]FIGS. 5 and 6 are alternative configurations of the system of FIG.1.

SUMMARY OF THE INVENTION

[0007] In a preferred embodiment of the invention, a method is providedfor blocking unwanted messages from a receiving device, the methodcomprising the steps of receiving a message from a sending party;identifying the sending party; determining whether the sending party isan authorized originator; and passing the message to the receivingdevice if the determining step reveals that the sending party is anauthorized originator.

[0008] According to another embodiment of the invention, a method isprovided for blocking unwanted messages from a receiving device, themethod comprising the steps of selecting one of an authorized originatorlist or a blocked originator list; receiving a message from a sendingparty; identifying the sending party; determining, in response to thestep of selecting a list, one of whether the sending party is on theauthorized originator list or whether the sending party is on theblocked originator list; and passing the message to the receiving deviceif the authorized originator list is selected and the sending party ison the authorized originator list or if the blocked originator list isselected and the sending party is not on the blocked originator list.

[0009] In particular variations of these embodiments, the step ofdetermining whether the sending party is an authorized originatorfurther comprises determining whether an address of the sending partyhas been approved for receipt of messages and the step of determiningwhether the address of the sending party has been approved for receiptof messages further comprises determining whether an e-mail address or atelephone number is present in a database of approved senders. Inaddition the step of determining whether the e-mail address or thetelephone number is present in the database further comprisesdetermining whether a domain for the email address or telephone numberis present in the database of approved senders and the step ofdetermining whether the sending party is an authorized originatorfurther comprises determining whether a domain of the sending party ispresent in a database of approved senders. Further, the method mayfurther comprise discarding the message, returning the message to thesending party or determining whether a size of the message isauthorized.

[0010] In a particularly preferred embodiment of the invention, acomputer-based system is provided that has a processor and associatedmemory for blocking unwanted messages from a receiving device,comprising an input device for receiving a message from a sending party;an identifier for identifying the sending party; and a screeningmechanism having a database of approved senders, the processordetermining whether the sending party is an authorized originator bycomparing the identifier with the approved senders and passing themessage to the receiving device when the sending party is an authorizedoriginator.

[0011] In another embodiment, a computer-based system is provided havinga processor and associated memory for blocking unwanted messages from areceiving device, comprising an input device for receiving a messagefrom a sending party; identifier for identifying the sending party; anda screening mechanism having a database of approved senders and adatabase of blocked senders, the processor determining which database touse at any particular time, the processor passing the message to thereceiving device if the sending party is an authorized originator, theprocessor determining an authorized originator by either finding theidentifier within the database of approved senders or not finding theidentifier with the database of blocked senders.

[0012] In particular variations of these embodiments, the databasefurther comprises a list of approved e-mail addresses or approvedtelephone numbers for the approved senders or the database furthercomprises a list of approved domains for the approved senders. Inaddition, the processor may discards the message or returns the messageto the sender when the processor determines that the message is not froman authorized sender and said screening mechanism further comprisesacceptable message size data, the processor and passing the message tothe receiving device when the message is consistent with the acceptablemessage size data.

[0013] In yet another preferred embodiment of the invention a receivingdevice is provided comprising an input device for receiving a messagefrom a sending party; an identifier for identifying the sending party;and a screening mechanism for determining whether the sending party isan authorized originator, and accepting the message or alternativelyblocking the message.

[0014] In variations of this embodiment, the screening mechanismcomprises a database containing approved addresses or the databasecontains authorized email addresses or a telephone numbers. Further, thescreening mechanism comprises a database containing approved e-mailaddress domains. In addition, a software mechanism is provided fordiscarding or returning the message or the apparatus further comprises asoftware routine for determining whether the size of the message isauthorized.

[0015] In yet another embodiment of the invention, a receiving device,is provided comprising an input device for receiving a message from asending party; identifier for identifying the sending party; and ascreening mechanism for determining whether the sending party is anauthorized originator or alternatively determining whether the sendingparty is an unauthorized originator, and accepting the message oralternatively blocking the message.

[0016] In still another embodiment of the invention an apparatus isprovided for blocking unwanted messages from a receiving device,comprising an input device for receiving a message from a sending party;means for identifying the sending party; means for determining whetherthe sending party is an authorized originator; and means, responsive tothe means for determining, for passing the message to the receivingdevice or alternatively blocking the message. In variations of thisembodiment, the means for determining whether the sending party is anauthorized originator comprises means for determining whether theaddress of the sending party has been approved, or the means fordetermining whether the address of the sending party has been approvedfor receipt of messages comprises means for determining whether ane-mail address or a telephone number is authorized, or the means fordetermining whether the sending party is an authorized originatorcomprises means for determining whether the domain of the address of thesending party has been approved. In still other variations, the receiverfurther comprises means for discarding or returning the message or meansfor determining whether the size of the message is authorized.

DESCRIPTION OF THE INVENTION

[0017] A computer-based system is disclosed, having a memory and aprocessor, that blocks all unauthorized messages by utilizing ascreening mechanism. The screening mechanism may set up by either a userof the system or by a computer or other automated system that providesthe addresses from which authorized messages are to be received. Allincoming messages would be examined by the screening mechanism beforebeing passed onto the receiving device. In one arrangement, the sendingparty from which messages are to be received would have to be enteredinto the screening mechanism cleared before the message screening takesplace. In a variation of this, the entry of a general location oforigin, e.g., a domain name, would suffice for clearance of all messagesoriginating from that domain. This system may used in a corporatesetting, where messages originating from all senders having a commondomain name would be automatically accepted. In yet another variation,other screening characteristics besides origination address, for examplethe size or content of a message, may be blocked by the screeningmechanism. This last function can be achieved with a software routine orscript that operates as part of or in conjunction with the screeningmechanism. In a further variation, the screening mechanism may have thecapability to alternately selectively allow or selectively blockmessages.

[0018] While one application of this system is for e-mail messagesreceived over the Internet, such a scheme may also be used with cellulartelephones, conventional telephones, facsimile machines, and any otherdevice normally open to receiving messages.

[0019] As illustrated in FIG. 1, an input device such as a screeningmechanism 10 connected to a transmission medium 30 precedes thereceiving device 20 via interconnection 16. The screening mechanism 10has an identifier 12 that determines the identity of the sending partyand then determines whether the identity of the sending party isauthorized. Alternatively, the identifier 12 could be external to thescreening mechanism 10. The receiving device 20 may itself contain anidentifier, in which case the receiving device identifier itself wouldbe provided to the screening mechanism 10.

[0020] In a particularly preferred embodiment, a look-up table ordatabase 14 containing the identities of authorized parties is used tomaintain the message receipt authorizations. As noted above,authorization may be extended to parties from specific addresses, allsending parties from a common domain name, all sending parties having acommon identifier in the address, or according to some other aspect ofthe of the received messages.

[0021] If the sending party is unauthorized, the message may be blockedor discarded. In the case of a blocked message, the message may bereturned to the sender with a response message indicating that priorauthorization is required for transmission to be received.

[0022] The procedure for utilizing the apparatus of FIG. 1, as justdescribed, is shown in the flowchart of FIG. 2 (steps 200 through 240).In a particularly preferred embodiment, the method of the inventionincludes the steps of receiving the message 200, identifying the sender210, determining the authorization 220, and disposing of the message(i.e., pass or block) 230. Optionally, the message may be returned to anunauthorized sender 240. A software routine within the screeningmechanism or the receiving device may be utilized to achieve thisreturned message function.

[0023] The use of the system provided in FIG. 1 should not result insignificant message processing delays as compared to existing systemsthat selectively block unwanted parties. In fact, the delays in thescreening process, whether a selective block, screening mechanism or aselective allow, screening mechanism is used, depends solely on thenumber of addresses or criteria within the screening mechanism to whicheach message must be compared. By way of example, assume that 100messages originating from 50 different sending entities are received bythe screening mechanism of the present invention. Further assume thatmessages from 25 of the senders are to be accepted, and messages fromthe other 25 are to be rejected. Since a selective block, screeningmechanism and a selective allow, screening mechanism both must use ascreening mechanism containing 25 entries, the processing times of bothsystems for the same 100 received messages are identical, presuming thateach screen takes an equivalent amount of time to process.

[0024] If, however, the number of addresses to selectively block changesin proportion to the total number of sending addresses, say increasesfrom 25 to 35, then the processing time needed to filter the same 100messages will increase for a system using selective block, filteringmechanism vis-à-cu a-vis a system according to the present inventionusing a selective allow, filtering mechanism. This is solely due thefact that the selective blocking filter would contain 35 addressesthrough which each message must be filtered as compared to the selectiveallow filter which would contain 15 addresses. Finally, it should berealized that the selection of the filter also determines the defaultstatus of the message with respect to addresses that are not included ineither database, i.e. with the selective block screening mechanism,received messages from addresses that are not identified by theselective block screening mechanism are allowed to pass to the receivingdevice, whereas with the selective allow screening mechanism receivedmessages with addresses that are not identified by the selective allow,screening mechanism are prevented from passing to the receiving device.

[0025] In another embodiment of the present invention, the screeningmechanism 10 may be configured to selectively work in either one of thetwo modes, blocking or allowing. As described above, when the list ofunauthorized originators begins to exceed the number of authorizedparties in a system that uses a blocking, filtering mechanism, thesystem begins to slow down. Arguably, it would be faster at this pointto employ a selective allow filtering mechanism to permit the passagesof messages from authorized parties. Thus, at the user's option, or asautomatically selected by the systems, the screening mechanism 10 canswitch from the mode of blocking only messages of unauthorized parties(“selective block”) to allowing only messages of authorized parties(“selective allow”). As shown in FIG. 3, the screening mechanism 10 ofthis embodiment has two databases 14 and 18. One database (selectiveallow) would hold the addresses of authorized originators while theother (selective block) would contain addresses of unauthorized parties.In this alternative embodiment, the system would be directed to switchbetween the filters depending on the user's selection or the or possiblysome efficiency optimization routine implemented automatically by thesystem itself. With automatic system optimization, some type of messageanalysis would be performed by the system to determine appropriateswitching points based on the filtering routines and criteria selectedfor filtering. Of course, in this embodiment, the receiver and systemmust update and maintain both a list of “blocked” and an “allowed”sending addresses (or other criteria).

[0026] The procedure for utilizing the apparatus of FIG. 3, as justdescribed, is s shown in the flowchart of FIG. 4 (steps 300 through 360)including the steps of selecting a mode 300, receiving a message 310,identifying a sender 320, determining an authorization 330 or 340, and,depending on the mode selected, disposing of the message (i.e., pass orblock) 350. Optionally, the message may be returned to an unauthorizedsender 360. As mentioned above, this function may be achieved, possiblyin software, in any one of a plurality of fashions.

[0027] In FIG. 1, the screening mechanism 10 is separate from thereceiving device 20. Other configurations, such as shown in FIGS. 5 and6 are also possible. The arrangement of FIG. 3 utilizes an identifier 12resident in the receiving device 20 and passes back the identificationto the screening mechanism 10 which then performs a check against thedatabase 14. Alternatively, the entire screening mechanism 10 could berealized in a hardware module, firmware, software, or some other meanswithin the receiving device 20 as shown in FIG. 6. Other configurations,beyond those of FIGS. 1, 3, 5, and 6 are possible.

[0028] The receiving device 20 can be an e-mail client, a cellulartelephone, a conventional telephone, a facsimile machine, or any otherdevice normally connected to a transmission medium.

[0029] While particular embodiments and applications of the inventionhave been shown and described, it will be obvious to those skilled inthe art that the specific terms and figures are employed in a genericand descriptive sense only and not for the purposes of limiting orreducing the scope of the broader inventive aspects herein. Bydisclosing the preferred embodiments of the present invention above, itis not intended to limit or reduce the scope of coverage for the generalapplicability of the present invention. Persons of skill in the art willeasily recognize the substitution of similar components and steps in theapparatus and methods of the present invention.

What is claimed is:
 1. A method for blocking unwanted messages from areceiving device, comprising: receiving a message from a sending party;identifying the sending party; determining whether the sending party isan authorized originator; and in response to the foregoing step, passingthe message to the receiving device or alternatively blocking themessage.
 2. A method as set forth in claim 1, where determining whetherthe sending party is an authorized originator comprises determiningwhether the address of the sending party has been approved.
 3. A methodas set forth in claim 2, where determining whether the address of thesending party has been approved for receipt of messages comprisesdetermining whether an e-mail address or a telephone number isauthorized.
 4. A method as set forth in claim 1, where determiningwhether an e-mail address is authorized comprises determining whetherthe domain of the address is authorized.
 5. A method as set forth inclaim 1, where determining whether the sending party is an authorizedoriginator comprises determining whether the domain of the address ofthe sending party has been approved.
 6. A method as set forth in claim1, further comprising discarding or returning the message.
 7. A methodas set forth in claim 1, further comprising determining whether the sizeof the message is authorized.
 8. A method for blocking unwanted messagesfrom a receiving device, comprising: receiving a message from a sendingparty; identifying the sending party; determining whether the sendingparty is an authorized originator or alternatively determining whetherthe sending party is an unauthorized originator; and in response to theforegoing step, passing the message to the receiving device oralternatively blocking the message.
 9. An apparatus for blockingunwanted messages from a receiving device, comprising: an input devicefor receiving a message from a sending party; identifier for identifyingthe sending party; and a screening mechanism for determining whether thesending party is an authorized originator, and passing the message tothe receiving device or alternatively blocking the message.
 10. Anapparatus as set forth in claim 9, where the screening mechanismcomprises a database containing approved addresses.
 11. An apparatus asset forth in claim 10, where the database contains authorized e-mailaddresses or a telephone numbers.
 12. An apparatus as set forth in claim9, where the screening mechanism comprises a database containingapproved e-mail address domains.
 13. An apparatus as set forth in claim9, further comprising a software mechanism for discarding or returningthe message.
 14. An apparatus as set forth in claim 9, furthercomprising a software routine for determining whether the size of themessage is authorized.
 15. An apparatus for blocking unwanted messagesfrom a receiving device, comprising: an input device for receiving amessage from a sending party; identifier for identifying the sendingparty; and a screening mechanism for determining whether the sendingparty is an authorized originator or alternatively determining whetherthe sending party is an unauthorized originator, and passing the messageto the receiving device or alternatively blocking the message.
 16. Areceiving device, comprising: an input device for receiving a messagefrom a sending party; identifier for identifying the sending party; anda screening mechanism for determining whether the sending party is anauthorized originator, and accepting the message or alternativelyblocking the message.
 17. A receiving device as set forth in claim 16,where the screening mechanism comprises a database containing approvedaddresses.
 18. A receiving device as set forth in claim 17, where thedatabase contains authorized e-mail addresses or a telephone numbers.19. A receiving device as set forth in claim 16, where the screeningmechanism comprises a database containing approved e-mail addressdomains.
 20. A receiving device as set forth in claim 16, furthercomprising a software mechanism for discarding or returning the message.21. A receiving device as set forth in claim 16, further comprising asoftware routine for determining whether the size of the message isauthorized.
 22. A receiving device, comprising: an input device forreceiving a message from a sending party; identifier for identifying thesending party; and a screening mechanism for determining whether thesending party is an authorized originator or alternatively determiningwhether the sending party is an unauthorized originator, and acceptingthe message or alternatively blocking the message.
 23. An apparatus forblocking unwanted messages from a receiving device, comprising: an inputdevice for receiving a message from a sending party; means foridentifying the sending party; means for determining whether the sendingparty is an authorized originator; and means, responsive to the meansfor determining, for passing the message to the receiving device oralternatively blocking the message.
 24. An apparatus as set forth inclaim 23, where the means for determining whether the sending party isan authorized originator comprises means for determining whether theaddress of the sending party has been approved.
 25. An apparatus as setforth in claim 24, where the means for determining whether the addressof the sending party has been approved for receipt of messages comprisesmeans for determining whether an e-mail address or a telephone number isauthorized.
 26. An apparatus as set forth in claim 23, where the meansfor determining whether the sending party is an authorized originatorcomprises means for determining whether the domain of the address of thesending party has been approved.
 27. An apparatus as set forth in claim23, further comprising means for discarding or returning the message.28. An apparatus as set forth in claim 23, further comprising means fordetermining whether the size of the message is authorized.
 29. A methodfor blocking unwanted messages from a receiving device, comprising:receiving a message from a sending party; identifying the sending party;determining whether the sending party is an authorized originator; andblocking the message from the receiving device if the determining stepreveals that the sending party is not an authorized originator.
 30. Amethod for blocking unwanted messages from a receiving device,comprising: selecting one of an authorized originator list or a blockedoriginator list; receiving a message from a sending party; identifyingthe sending party; determining, in response to the step of selecting alist, whether the sending party is on the authorized originator list orwhether the sending party is on the blocked originator list; andblocking the message from the receiving device if either the authorizedoriginator list is selected and the sending party is not on theauthorized originator list or the blocked originator list is selectedand the sending party is on the blocked originator list.
 31. The methodof claims 29 or 30, wherein the step of determining whether the sendingparty is an authorized originator further comprises determining whetheran address of the sending party has been approved for receipt ofmessages.
 32. The method of claim 31, wherein the step of determiningwhether the address of the sending party has been approved for receiptof messages further comprises determining whether either an e-mailaddress or a telephone number is present in a database of approvedsenders.
 33. The method of claim 32, wherein the step of determiningwhether the e-mail address or the telephone number is present in thedatabase further comprises determining whether a domain for the emailaddress or telephone number is present in the database of approvedsenders.
 34. The method of claims 29 or 30, wherein the step ofdetermining whether the sending party is an authorized originatorfurther comprises determining whether a domain of the sending party ispresent in a database of approved senders.
 35. The method of claim 29 or30 further comprising discarding the message.
 36. The method of claim 29or 30 further comprising returning the message to the sending party. 37.The method of claim 29 or 30, further comprising determining whether asize of the message is authorized.
 38. A computer-based system having aprocessor and associated memory for blocking unwanted messages from areceiving device, comprising: an input device for receiving a messagefrom a sending party; an identifier for identifying the sending party;and a screening mechanism having a database of approved senders, theprocessor determining whether the sending party is an authorizedoriginator by comparing the identifier with the approved senders andblocking the message from the receiving device when the sending party isnot an authorized originator.
 39. A computer-based system having aprocessor and associated memory for blocking unwanted messages from areceiving device, comprising: an input device for receiving a messagefrom a sending party; identifier for identifying the sending party; anda screening mechanism having a database of approved senders and adatabase of blocked senders, the processor determining which database touse at any particular time, the processor blocking the message from thereceiving device if the sending party is not an authorized originator,the processor determining an authorized originator by either finding theidentifier within the database of approved senders or not finding theidentifier with the database of blocked senders.
 40. The system ofclaims 38 or 39, wherein the database of approved senders furthercomprises a list of approved e-mail addresses or approved telephonenumbers for the approved senders.
 41. The system of claims 38 or 39,wherein the database of approved senders further comprises a list ofapproved domains for the approved senders.
 42. The system of claims 38or 39, wherein the processor either discards the message or returns themessage to the sender when the processor determines that the message isnot from an authorized sender.
 43. The system of claims 38 or 39 whereinsaid screening mechanism further comprises acceptable message size data,the processor blocking the message from the receiving device when themessage is not consistent with the acceptable message size data.